e259dfba92fe1b05ff31f7b540dc54d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e259dfba92fe1b05ff31f7b540dc54d7_JaffaCakes118
Size

29KB
MD5

e259dfba92fe1b05ff31f7b540dc54d7
SHA1

52ffccbcc3bc48907bf4c1e93a88971c2c746422
SHA256

939e9a7affd0039272aad6b83da00783c068495f2d99d7280043d5d710f0ade2
SHA512

c83977acc0ad0d685384fd8ea99e0c1a81a61137c1909960de5e0bb0b57fb3d8675a3def75448fb7759af4b576fe58691d63736ee94b44006707cf6f81c98cb9
SSDEEP

768:K/Blf8cHbKrfASUy1XxJ0ayzDGRViODOlTAs:8f8c0IyqaiDGRLDOlTt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e259dfba92fe1b05ff31f7b540dc54d7_JaffaCakes118

Files

e259dfba92fe1b05ff31f7b540dc54d7_JaffaCakes118
.dll windows:5 windows x64 arch:x64

53c7c14358a7227188d3cf5b89f60ad9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libtiff

TIFFReadScanline
TIFFReadRGBAImageOriented
TIFFSetField
TIFFWriteScanline
TIFFClientOpen
TIFFGetField
TIFFClose

qtgui4

??1QImageIOPlugin@@UEAA@XZ
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?metaObject@QImageIOPlugin@@UEBAPEBUQMetaObject@@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?size@QImage@@QEBA?AVQSize@@XZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
?setColorTable@QImage@@QEAAXV?$QVector@I@@@Z
?isNull@QImage@@QEBA_NXZ
?setDotsPerMeterX@QImage@@QEAAXH@Z
?setDotsPerMeterY@QImage@@QEAAXH@Z
?mirrored@QImage@@QEBA?AV1@_N0@Z
??0QMatrix@@QEAA@XZ
?rotate@QMatrix@@QEAAAEAV1@N@Z
?transformed@QImage@@QEBA?AV1@AEBVQMatrix@@W4TransformationMode@Qt@@@Z
?dotsPerMeterX@QImage@@QEBAHXZ
?dotsPerMeterY@QImage@@QEBAHXZ
?logicalDpiX@QPaintDevice@@QEBAHXZ
?logicalDpiY@QPaintDevice@@QEBAHXZ
?colorTable@QImage@@QEBA?AV?$QVector@I@@XZ
?copy@QImage@@QEBA?AV1@HHHH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?convertToFormat@QImage@@QEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
??1QImageIOHandler@@UEAA@XZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?imageCount@QImageIOHandler@@UEBAHXZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
??0QImageIOHandler@@QEAA@XZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?format@QImage@@QEBA?AW4Format@1@XZ
??0QImage@@QEAA@HHW4Format@0@@Z
?bits@QImage@@QEAAPEAEXZ
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ

qtcore4

?fromLatin1_helper@QString@@CAPEAUData@1@PEBDH@Z
??1QString@@QEAA@XZ
?append@QListData@@QEAAPEAPEAXXZ
?detach@QListData@@QEAAPEAUData@1@H@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?isOpen@QIODevice@@QEBA_NXZ
?free@QString@@CAXPEAUData@1@@Z
??0QString@@QEAA@AEBV0@@Z
?changeGuard@QMetaObject@@SAXPEAPEAVQObject@@PEAV2@@Z
?removeGuard@QMetaObject@@SAXPEAPEAVQObject@@@Z
?shared_null@QListData@@2UData@1@A
?disconnectNotify@QObject@@MEAAXPEBD@Z
?connectNotify@QObject@@MEAAXPEBD@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?read@QIODevice@@QEAA_JPEAD_J@Z
?isReadable@QIODevice@@QEBA_NXZ
?write@QIODevice@@QEAA_JPEBD_J@Z
??1QByteArray@@QEAA@XZ
?qFree@@YAXPEAX@Z
?fromRawData@QByteArray@@SA?AV1@PEBDH@Z
?peek@QIODevice@@QEAA?AVQByteArray@@_J@Z
?qWarning@@YAXPEBDZZ
??0QByteArray@@QEAA@PEBD@Z
??0QVariant@@QEAA@XZ
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
?toInt@QVariant@@QEBAHPEA_N@Z
?type@QVariant@@QEBA?AW4Type@1@XZ
?free@QVectorData@@SAXPEAU1@H@Z
?qBadAlloc@@YAXXZ
?allocate@QVectorData@@SAPEAU1@HH@Z
?qMemSet@@YAPEAXPEAXH_K@Z
?reallocate@QVectorData@@SAPEAU1@PEAU1@HHH@Z
?qMalloc@@YAPEAX_K@Z
?isWritable@QIODevice@@QEBA_NXZ

msvcr100

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
??2@YAPEAX_K@Z
_CxxThrowException
memcpy
??3@YAXPEAX@Z
__CxxFrameHandler3
memcmp

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
Sleep
DecodePointer
EncodePointer

Exports

Exports

qt_plugin_instance
qt_plugin_query_verification_data

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53c7c14358a7227188d3cf5b89f60ad9

Headers

DLL Characteristics

File Characteristics

Imports

libtiff

qtgui4

qtcore4

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 464B

.pdata Size: 1024B - Virtual size: 792B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 190B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 464B

.pdata
Size: 1024B - Virtual size: 792B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 190B